Cisco has warned firms using its Aironet access points running Cisco IOS operating software of a security flaw that allows hackers to gain full access to wireless networks.
The vulnerability allows hackers to steal Wired Equivalent Privacy (Wep) encryption keys. The issue arises if the wireless Lan device's 'SNMP-server enable traps wlan-wep' command is enabled.
"Under these circumstances, an adversary will be able to intercept all static Wep keys," Cisco said in a statement.
If the command is switched on, which Cisco stressed is disabled by default, the access point will broadcast any network static Wep keys in cleartext to the SNMP server every time a key is changed or access points rebooted.
Affected hardware models are the Cisco Aironet 1100, 1200 and 1400 series.
Cisco has posted a workaround advising companies with deployments of these devices to disable this command, adding that any dynamically set Wep key will not be disclosed.
The networking giant said that the problem only applies to wireless Lan kit running its IOS software, so Aironet access point models running VxWorks are not affected.
Customers are advised to upgrade their IOS version to a patched system. Vulnerable IOS releases are: 12.2(8)JA, 12.2(11)JA and 12.2(11)JA1. The first fixed release is 12.2(13)JA1.
Full details of Cisco's advisory and workaround are available here.
Microsoft receives a 30 per cent cut of all purchases on the Xbox digital store
Credit card thieves used Apple ID accounts to buy and sell virtual currency for Clash of Clans and Clash Royale and Marvel Contest of Champions
$5.1bn fine further evidence that the EU is anti-US, claims Trump
New cable will connect Virginia to France